Pages

Saturday, February 27, 2010

Forget District 9 ...


Aliens are here, and they have a colony in Hyderabad, instead of South Africa.

Some stupid real estate developer felt that now that all branding concepts for what is essentially a commodity product now are exhausted, selling alien space station homes would be a good idea. We already had eco homes, close to nature homes, golf course homes, so why not have alien space station homes?

Here's the screenshot of an ad they are running on yahoo mail.

http://aliensgroup.in/micro/html/SS1.php

Friday, February 19, 2010

Shady URL

Dear Visitor,

If you are coming from buzz/twitter, and the URL link I posted made you click here, try www.shadyurl.com. It makes your URL looks so shady, people can't resist clicking. Your visit itself may be a testimony to it.

For others, this is what I posted on buzz
http://5z8.info/mercenary_z9u8_IE-exploiter

Even my shameless streak of self promotion didn't allow me to post the other one,
but I believe it would have got much more traffic had I posted it

http://5z8.info/stalin_s6c2_friendster-of-sex

Go ahead, try shadyurl.com for yourself



Saturday, February 13, 2010

What is in the heap?

How to find out what is there in a process heap? Here is some Solaris fu that I found handy from a usenet post from Jonathan Adams (netbsd archives)

Let's say you have a core dump already. If you don't have it, you can always get one using gcore.

Run pmap on the core file. Look at the segment of interest. It would show you the a lot of information, starting with address, permissions, heap/stack or the name of the file that is mapped (in case of dynamically loaded libraries, for example). Once you have identified the segment of interest (which was a segment whose size was too big, in my case), use it address and get the program header using elfdump.

elfdump -p core | ggrep -iB1 -A4 FFFFFFFF7DA00000
Program Header[6]:
p_vaddr: 0xffffffff7da00000 p_flags: [ PF_W PF_R ]
p_paddr: 0 p_type: [ PT_LOAD ]
p_filesz: 0x10000 p_memsz: 0x10000
p_offset: 0x1840c8 p_align: 0

Now that you know the offset at which your segment is (p_offset), and the size, copy it using dd

dd if=core of=/tmp/data ibs=1 size=65536 seek=1589448

At this point, you could run strings on the segment to get some idea of what is contained in there.

Google is a sharp cookie

Google is now willing to tell you what they know about you. Visit the ad services preferences to find out what they know about you.

The cookie is in doubleclick.net domain, by the name id. It has a unix timestamp in it, which should show you how old your cookie is. They expire it after 1 year.

This is a good initiative on the part of Google, but here is the bit that's scary.

My cookie expires Jan 16, 2012, which means its barely a month old. In this period, they have been able to figure out that I am interested in Advertising and Marketing, Computer & Electronics->Programming, Software & Computer Security. Of course - their score is not 100%, but based on what I did during last month, thinking that I am interested in movies (I purchased a ticket for Avatar from AMC Entertainment) and Watches (I bought a few), they are close.

Too close for comfort. Would I opt out? No. But the average user might.